A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,…
[org.jenkins-ci.plugins:ghprb] CSRF vulnerability in Jenkins GitHub Pull Request Builder Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, captur…
[org.jenkins-ci.plugins:view-cloner] Passwords stored in plain text by Jenkins view-cloner Plugin
Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.
References
http…
[openmage/magento-lts] magento-lts Reset Password not protected against well-timed CSRF
Impact
The password reset form is vulnerable to CSRF in the window between the moment the reset-password link is clicked and the moment the user submits the new password: during that window a cross-site request can submit the form on the user's behalf.
Patches
PR forthcoming
Workarounds
None
References
https://github.com/OpenMage/magento-lts/security/advisories/GHSA-r3c9-9j5q-p…
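The window described above, modelled as an added example that is not OpenMage's code and not the forthcoming patch: a toy reset flow with one account and one browser session, a POST handler that trusts the session alone (vulnerable), and a hardened handler that also demands the reset token from the mailed link and a per-session anti-CSRF form key in the POST body. Account names, field names and the single-use token design are assumptions made for the illustration.

```python
import hmac
import secrets


class PasswordResetFlow:
    """Toy model of a reset-password flow: one account, one browser session.
    Constructed for illustration; not OpenMage/Magento code."""

    def __init__(self):
        self.users = {"alice": {"password": "old-password", "reset_token": None}}
        # Per-session anti-CSRF form key (assumed hardening, see lead-in).
        self.session = {"form_key": secrets.token_urlsafe(16)}

    def send_reset_link(self, user: str) -> str:
        """Mailed link carries a fresh single-use token (assumed design)."""
        token = secrets.token_urlsafe(24)
        self.users[user]["reset_token"] = token
        return token

    def click_reset_link(self, user: str, token: str) -> bool:
        """GET on the link: validate the token, then remember the pending reset
        in the session so the form can be rendered. This opens the window."""
        stored = self.users[user]["reset_token"]
        if stored is None or not hmac.compare_digest(stored, token):
            return False
        self.session["pending_reset_user"] = user
        return True

    def submit_vulnerable(self, new_password: str) -> bool:
        """POST that trusts the session alone. Any cross-site form post made
        during the window sets the password: the browser attaches the cookie."""
        user = self.session.get("pending_reset_user")
        if user is None:
            return False
        self._finish(user, new_password)
        return True

    def submit_hardened(self, new_password: str, form_token: str, form_key: str) -> bool:
        """POST that also requires the reset token (only known from the link)
        and the session form key in the body; a cross-site page has neither."""
        user = self.session.get("pending_reset_user")
        if user is None:
            return False
        stored = self.users[user]["reset_token"]
        if stored is None or not hmac.compare_digest(stored, form_token):
            return False
        if not hmac.compare_digest(self.session["form_key"], form_key):
            return False
        self._finish(user, new_password)
        return True

    def _finish(self, user: str, new_password: str) -> None:
        self.users[user]["password"] = new_password
        self.users[user]["reset_token"] = None  # single use
        self.session.pop("pending_reset_user", None)


def cross_site_attack(hardened: bool) -> bool:
    """Victim clicks the mailed link, then visits an attacker page that posts
    only a new password. Returns True if the attacker's password was set."""
    flow = PasswordResetFlow()
    token = flow.send_reset_link("alice")
    assert flow.click_reset_link("alice", token)
    if hardened:
        flow.submit_hardened("attacker-chosen", form_token="", form_key="")
    else:
        flow.submit_vulnerable("attacker-chosen")
    return flow.users["alice"]["password"] == "attacker-chosen"


def legitimate_reset() -> bool:
    """The real user submits the form with the token and form key present."""
    flow = PasswordResetFlow()
    token = flow.send_reset_link("alice")
    flow.click_reset_link("alice", token)
    ok = flow.submit_hardened("my-new-password", form_token=token,
                              form_key=flow.session["form_key"])
    return ok and flow.users["alice"]["password"] == "my-new-password"


if __name__ == "__main__":
    print("vulnerable flow hijacked:", cross_site_attack(hardened=False))
    print("hardened flow hijacked:", cross_site_attack(hardened=True))
    print("legitimate reset works:", legitimate_reset())
```

The point of the hardened handler is that the secret proving the user clicked the link must travel in the POST body, not only in the session cookie, because the cookie is exactly what a cross-site request gets for free.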
[org.opensearch:opensearch] Field-level security issue with .keyword fields in OpenSearch
Advisory title: Field-level security issue with .keyword fields
Affected versions:
OpenSearch 1.0.0-1.3.7 and 2.0.0-2.4.1
Patched versions:
OpenSearch 1.3.8 and 2.5.0
Impact:
There is an issue in the implementation of field-level security (FLS) and fie…
[org.opensearch:opensearch] Issue with whitespace in JWT roles in OpenSearch
Advisory title: Issue with whitespace in JWT roles
Affected versions:
OpenSearch 1.0.0-1.3.7 and 2.0.0-2.4.1
Patched versions:
OpenSearch 1.3.8 and 2.5.0
Impact:
OpenSearch uses JWTs to store role claims obtained from the Identity Provider (IdP) when t…
[commonmarker] Several quadratic complexity bugs may lead to denial of service in Commonmarker
Impact
Several quadratic complexity bugs in commonmarker’s underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service.
The following vulnerabilities were addressed:
CVE-2023-22483
CVE-2023-22484
CVE-2023-22…
[spotipy] Path traversal in spotipy
Summary
If a malicious URI is passed to the library, the library can be tricked into performing an operation on a different API endpoint than intended.
Details
The code Spotipy uses to parse URIs and URLs accepts user data too liberally which allows a…
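To show what "accepts user data too liberally" means for a URI parser, here is an added example that is not spotipy's code: a deliberately lenient extractor that takes whatever follows the `spotify:track:` prefix or the `/track/` path segment, beside a strict one that only accepts the exact URI and URL shapes and validates the extracted ID before it is placed into a request path. The `request_path` helper only simulates how the server collapses dot segments; nothing is sent. Assumed for the illustration: Spotify IDs are 22 base62 characters, and the API path for a track is `/v1/tracks/<id>`; the inputs are constructed.

```python
import posixpath
import re
from urllib.parse import urlsplit

# Spotify object IDs are 22 base62 characters (assumption used for validation).
ID_RE = re.compile(r"[0-9A-Za-z]{22}")
WEB_HOST = "open.spotify.com"


def lenient_get_id(kind: str, value: str) -> str:
    """Illustrative too-liberal parser (not spotipy's code): returns whatever
    follows 'spotify:<kind>:' in a URI or '/<kind>/' in a URL, unvalidated."""
    if value.startswith("spotify:"):
        return value.split(":", 2)[-1]
    if value.startswith(("http://", "https://")):
        return urlsplit(value).path.split("/", 2)[-1]
    return value


def strict_get_id(kind: str, value: str) -> str:
    """Hardened parser: accept only the expected shapes and validate the ID
    before it can ever become part of a request path."""
    if value.startswith("spotify:"):
        fields = value.split(":")
        if len(fields) != 3 or fields[1] != kind:
            raise ValueError(f"unexpected URI shape: {value!r}")
        candidate = fields[2]
    elif value.startswith(("http://", "https://")):
        parts = urlsplit(value)
        segments = [s for s in parts.path.split("/") if s]
        if parts.netloc != WEB_HOST or len(segments) != 2 or segments[0] != kind:
            raise ValueError(f"unexpected URL shape: {value!r}")
        candidate = segments[1]
    else:
        candidate = value
    if not ID_RE.fullmatch(candidate):
        raise ValueError(f"invalid {kind} id: {candidate!r}")
    return candidate


def request_path(kind: str, item_id: str) -> str:
    """Path the API server resolves once '..' segments are collapsed
    (simulated with posixpath.normpath; no request is made)."""
    return posixpath.normpath(f"/v1/{kind}s/{item_id}")


def demo() -> dict:
    """Constructed inputs: a traversal payload and a well-formed 22-char ID."""
    hostile_uri = "spotify:track:../me"
    hostile_url = "https://open.spotify.com/track/../me"
    benign_uri = "spotify:track:0123456789abcdefABCDEF"
    out = {
        # The lenient parser lets '../me' through, so the request leaves /v1/tracks/.
        "lenient_uri_path": request_path("track", lenient_get_id("track", hostile_uri)),
        "lenient_url_path": request_path("track", lenient_get_id("track", hostile_url)),
        "benign_path": request_path("track", strict_get_id("track", benign_uri)),
    }
    for name, value in (("uri", hostile_uri), ("url", hostile_url)):
        try:
            strict_get_id("track", value)
            out[f"strict_rejects_{name}"] = False
        except ValueError:
            out[f"strict_rejects_{name}"] = True
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The check that matters is the final `ID_RE.fullmatch`: whatever shape the input arrived in, the only thing allowed into the path is an identifier drawn from a closed alphabet, so no separator or dot segment can redirect the request to another endpoint.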
[modoboa] Cross-Site Request Forgery in modoboa
Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-0438
https://github.com/modoboa/modoboa/commit/38d778cc71e370216e067d054ce0169ad83078c8
https://huntr.dev/bount…
[pyload-ng] Excessive Attack Surface in pyload-ng
Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-0435
https://github.com/pyload/pyload/commit/431ea6f0371d748df66b344a05ca1a8e0310cff3
https://huntr.dev/bounties/a…